Test your website for the Content-Security-Policy header.

Check whether your site is defended against code injection, XSS, and clickjacking by using the CSP header.


About Content Security Policy

CSP (Content Security Policy) is a security header to prevent cross-site scripting, clickjacking, and code injection attacks.

CSP instructs the browser to load content only from allowed sources.

You may refer to this guide to implement CSP in Apache, Nginx, and Microsoft IIS. Once you are done with the configuration, use the CSP header checker tool to verify it.